Restricted/Limited Access Network project meeting

Monday, February 18, 2013; 3:00 p.m.; AISB-208

Invited

Phil Benchoff, Jacob Dawson, Marc DeBonis, William Dougherty, Peter Franchi, Brian Jones, Ron Keller, Jeff Kidd, Dean Kirstein, Philip Kobezak, Greg Kroll, Steve Lee, Randy Marchany, Christine Morrison, Rich Sparrow, Lucas Sullivan

Agenda

  1. Review action items from 20130107 - January 7, 2013 RLAN Project Status Meeting
  2. Status Updates
    1. Status of the RLAN implementation in Student Services building.
    2. Status of the RLAN implementation in other buildings.
    3. Status of RLAN communications plan.
      Roger Anderson in Financial Aid should be resdy to test now. All three areas identified for the pilot have connections that are active and ready to be tested
  3. Any comments/updates on draft RLAN FAQ?
    *RLAN FAQ document has been reviewed by Jeb Stewart and Scott Midkiff and was sent to Susan Brooker-Gross for further review and editing
  4. Pilot end date
    1. Pilot ends - August 1, 2013
  5. Who is included in the Pilot
    1. ** Bursar
    2. ** Financial Aid
    3. ** Registrar
  6. ISB exceptions (need ITSO approval)
    1. 5 (possibly 6 now) RLAN connections for ISB are to be activated (even though they are not part of the departments in the pilot) Need ITSO approval
      The discussed method for activating these RLAN connections for AISB is to have Vivian access the new web portal developed by ITSO and follow the process parts we have in place to test the process. Philip k. will work with Vivian to go over the web application procedures.

    2. From: Vivian Rich vrich@vt.edu
      Sent: Thursday, February 14, 2013 4:09 PM
      To: Kobezak, Philip
      Cc: Sparrow, Rich; Buhrdorf, Jacqueline; Krallman, John
      Subject: RLANs to be installed in the AISB

      Philip,

      I notified NI&S today that we need to add one more RLAN connection to our list for the AISB. Rich Sparrow told me that you were the person who would be meeting with our folks who need RLAN connections.

      We have a total of six RLANs that we want installed in this building.
      NI&S O&P folks have the info they need from us for the RLAN installations. I was told that you would be checking/talking to our folks about the RLAN connections and would let the O&P folks know that it was OK for these folks to have the RLAN connections and whatever level/option each person needs.

      As of today, our list includes:

      AIS Alumni Development – Stephen Carpenter, Janet Linkous, and Jennifer Rush

      AIS Finance – Jay Smith, he has requested two RLAN connections

      Identity Mgt Services – Rhonda Randel

      Hopefully, this is the info you need from me. If there is something else you need, just let me know.

      Thanks,

      Vivian

  7. I can give a quick update on early adopters
    Early adopters: Roger Anderson -Financial Aid
    Registrars still in progress
  8. discussion of how to support whitelisting of whole domains (i.e. *.bankofamerica.com)
    • Cisco ASA CX module?, HTTP proxy server, other ideas
    • experiment with whitelisting with stonesoft IPSs
      Whitelist discussion - methods
      - ASA - Network Layer CX module - what does it do
      - Blacklist - at ASA
      - Whitelist at Stonesoft IPSs or elsewhere (how does Stonesoft handle SSL - stlee)
      – Terminating SSL and making request of behalf of the client - Not recommended
      - host based firewall - IP based
      - Block and log at the ASA - Blacklist inbound - outbound
      - Log connections at ASA

      Test ASA rules by pings ITSO & NI&S - stlee to determine if appropriate logging is taking place for testing
  9. Open forum
    Gigabit Ethernet RLAN ports (and UC) needed in data center for scanning and test ITSO machines moving from Torgersen
    - Who puts these orders online?? (no charge) 5 connections per Philip K.
    - Talk to William and Bill Blevins and Pat Rodgers (special CAN for ITSO?)
    - Ron K. ?
    - Needed soon (tomorrow)
  • No labels